Helix Policies

(These policies affect all managed customers under the Helix organization)

 

  • Audit
    1. Audit – Azure AD Sync Version (View: Policy – Application – Azure AD Connect Sync)
      • Agent Procedures
        • Audit – Azure AD Sync Version (Every Tu, 11am, 1h distribution)
    2. Srvr Monitoring (Hyper-V) (View: Policy – Role – Hyper-V Server)
      • Agent Procedures
        • Audit – Guest VMs (Every day, 10pm, 1h distribution)
    3. Audit - Mac OS X (Policy - OS - Mac OS X)
      • Agent Procedures
        • Mac – Time Machine Check (Every day, 9am, 2h distribution)
        • Mac – Get MSOffice Version (Every day, 9:30am, 2h distribution)
        • FileVault Status (Every day, 5am, 2h distribution)
        • Mojave Compatibility Check (One time, 2pm, 1h distribution)
        • Mac – Prevent Sleep on AC Power (Every day, 4pm, 1h distribution)
        • Audit - Mac – LogMeIn Status (Once, 3pm, 1h distribution)
        • Audit - Mac – LogMeIn Status (Every Mon, 2pm, 4h distribution)
    4. Audit - Windows Servers (View: Policy - OS - Windows Servers)
      • Agent Procedures
        • Audit – VMMS Test (Once, 5pm, 1h distribution)
        • Audit – VMMS Test (Every Mon, 1am, 3h distribution)
        • Audit – Product Keys – Save to Agent – new (Every Sun, Midnight, 1h distribution)
        • Backup Agent Monitoring (Every 12h, Midnight-12, 1h distribution)
    5. Audit - Windows (View: Policy – OS - Windows)
      • Agent Procedures
        • Audit – Windows Activation Status (Every Thur, 3:15pm, 4h distribution)
        • Audit – Webroot Status (Every Tue, 4:30pm, 4h distribution)
        • Windows – Huntress Status (Once, 3pm, 1h distribution)
        • Windows – Huntress Status (Every Mon, 2pm, 4h distribution)
        • Windows – LogMeIn Status (Once, 3pm, 1h distribution)
        • Windows – LogMeIn Status (Every Mon, 2pm, 4h distribution)
        • Audit - Get Scheduled Tasks (Every Wed, 11am, 4h distribution)
        • Audit - Check SMB1 Status (Every Mon, Thur, 1pm, 4h distribution)
        • Audit - Check UEFI Status (Every Mon, Thur, 8am, 4h distribution)
        • Audit - Check USB Mass Storage Status (Every Mon, Thur, 10am, 4h distribution)
        • Audit - Firewall (Domain, Private, and Public) (Every Mon, Thur, 4pm, 4h distribution)
        • Audit - Guest Account Status Check (Every Mon, Thur, 12pm, 4h distribution)
        • Audit – System Uptime (Every day, 8am, 4h distribution)
        • Audit - Pending Reboot (Every Wed and Sat, 12pm, 4h distribution)
        • Audit - Windows Edition (Once, 9am, 0 distribution)
        • Audit - Windows Edition (Every 14th of the month, 10am, 4h distribution)
    6. Audit - Windows Workstations (View: Policy - OS - Windows Workstations)
      • Agent Procedures
        • Minidump Check (Every Thur, 11pm, 4h distribution)
        • BitLocker Status & Key Retrieval – UPDATE_SYSINFO (Every Wed, 10pm, 4h distribution)
        • Audit – OST Sizes – Powershell (Every Wed, 4am, 4h distribution)
        • Audit – Windows 10 OS Build Number (Every Mon, Fri, 11am, 4h distribution)
        • Audit – Product Keys – Save to Agent – new (Every Sun, 10pm, 4h distribution)
        • Audit – Disk Type (Every Mon, 10pm, 4h distribution)
        • Audit – Camera (Every Wed, 2pm, 4h distribution)
        • Audit – Monitors (Every Mon, Wed, Fri, 11am, 4h distribution)
        • UAC Audit (Every day, 7pm, 4h distribution)
        • Policy - Patching - Reboot Notification if Pending Reboot (Every Thur, 11am, 1h distribution)
  • Maintenance
    • General Maintenance
      • Maintenance - Windows 10 (View: Policy - OS - Windows 10)
        • Disable Fast Startup (Every 5th of the month, 11pm, 4h distribution)
        • Prevent Bing Deploy (Every last day of the month, 2:30am, 2h distribution)
        • Configure WUB – 10 Endpoints (One time, Midnight, 2h distribution)
        • Configure WUB – 10 Endpoints (Every 1st of the month, 2:15am, 3h distribution)
    • Account Management
      1. Deploy Accounts (View: Policy – OS – Windows Workstations)
        • Agent Procedures
          1. Admin – RemoteAdmin (One time, 1am, 1h distribution)
          2. Admin – RemoteAdmin (Every first of month, 3am, 1h distribution)
          3. Local Admin – Helix (Every first of month, 2am, 1h distribution)
          4. Local Admin – Helix (One time, 9am, 1h distribution)
      2. RecoveryAdmin Mac Policy (View: Policy – OS – Mac OS X Workstations)
        • Agent Procedures
          1. Mac – Deploy recoveryadmin User (One time, Midnight, 1h distribution)
          2. Mac – Deploy recoveryadmin User (Every first of month, 2:30pm, 1h distribution)
      3. RecoveryAdmin Win Policy (View: Policy – OS – Windows Workstations)
        • Agent Procedures
          1. Local Admin – RecoveryAdmin (One time, Midnight, 1h distribution)
          2. Local Admin – RecoveryAdmin (Every first of month, 1am, 2h distribution)
    • Applications
      1. Admin Tools (View: Policy – OS – Windows)
        • Agent Procedures
          1. AdminTools Deployment (One time, 10pm, 1h distribution)
          2. AdminTools Deployment (Every first of month, 8am, 4h distribution)
      2. Win Wkstn Ninite Updates (View: Policy – OS – Windows Workstations)
        • Agent Procedures
          1. Ninite-UpdateAll (Every Tu, Thu, Sat, Sun, 1am, 1h distribution)
          2. Zoom Updater (Every Sat, 00:45, 1h distribution)
      3. Win Srvr Ninite Updates (View: Policy – OS – Windows Servers)
        • Agent Procedures
          1. Ninite-UpdateAll (Every Sun, 11pm, 1h distribution)
    • Dell Scripts
      1. Dell-Bloatware-Removal (View: Policy – OS – Windows Workstations (Dell))
        • Agent Procedures
          • Dell Bloatware Wipe (One time, midnight, 15 min distribution)
    • Cleanup Policies
      1. Win Srvr – Disk Cleanup (View: Policy – OS – Windows Servers)
        • Agent Procedures
          1. CleanupTempPowershell (Every Sun, 10:45pm, 1h distribution)
          2. Cleanup – Delete all ps1 and bat from Helix folder (Every 1st of the month, 8pm, 4h distribution)
      2. Win Wkstn – Disk Cleanup (View: Policy – OS – Windows Workstations)
        • Agent Procedures
          1. Cleanup – Delete all ps1 and bat from Helix folder (Every first of month, 8am, 4h distribution)
      3. XMR Cleanup (View: Policy - OS - Windows)
        • Agent Procedures
          • XMR Endpoint Cleanup v5.1 (One time, 9am, no distribution)
          • XMR Endpoint Cleanup v5.1 (Every Thur, 4:30pm, 4h distribution)
  • Monitoring Policies
    • Server Monitoring
      1. Srvr Monitoring (Dell) (View: Policy – OS – Windows Servers (Dell))
        • Alerts
          1. Event Log: Dell – Openmanage RAID Monitors -> Alarm, email: support@helixsystemsinc.com
      2. Srvr Monitoring (Linux) (View: Policy – OS – Linux)
        • Alerts
          1. Agent Status (not checked in 5 minutes) -> Alarm, email: support@helixsystemsinc.com,ivan.rakov@helixsystemsinc.com
      3. Srvr Monitoring (Print) (View: Policy - Role - Print Server)
        • Monitor Sets
          1. Helix – Server – PrintServer -> Alarm, email: support@helixsystemsinc.com
      4. Srvr Monitoring (SSTP VPN) (View: Policy - Role - SSTP VPN Servers)
        • Monitor Sets
          1. Service – SSTP VPN – Remote Access -> Alarm, Script: SSTP VPN Remediation
      5. Srvr Monitoring (VSS) (View: Policy - OS - Windows Servers)
        • Alerts
          1. Event Log: VSS-Errors -> Alarm, Script: Restart VSS Service, Email: support@helixsystemsinc.com
      6. Srvr Monitoring (ColdFusion) (View: Policy - OS - Windows Server (Coldfusion))
        • Monitor Sets
          1. Helix – Server – Web – ColdFusion -> Alarm, email: support@helixsystemsinc.com
      7. Srvr Monitoring (SQL) (View: Policy - Role - All MS SQL Servers)
        • Monitor Sets
          1. Helix - BASIC - Performance - MS SQL Server (Default Instance) -> Alarm, email: support@helixsystemsinc.com
          2. Helix - BASIC - Services - MS SQL Server (All Instances) -> Alarm, email: support@helixsystemsinc.com
      8. Srvr Monitoring (Web) (View: Policy - Role - IIS Server)
        • Monitor Sets
          1. Helix – Server – Web -> Alarm, email: support@helixsystemsinc.com
      9. Srvr Monitoring (DHCP) (View: Policy - Role - DHCP Servers)
        • Alerts
          1. Event Logs: Helix - DHCP Leases Free Below 10 -> Alarm, email: support@helixsystemsinc.com
          2. Event Logs: Microsoft-Windows-Dhcp-Server/Operational (All events)-> Alarm, email: support@helixsystemsinc.com
        • Monitor Sets
          1. Helix – Server – DHCP -> Alarm, email: support@helixsystemsinc.com
      10. Win Srvr Monitoring (View: Policy - OS - Windows Servers)
        • Alerts
          1. Event Log: Hardware Events (All events) -> Alarm, email: support@helixsystemsinc.com
          2. Event Log:DFS Replication (Helix - DFSR - Replication Error) -> Alarm, email: support@helixsystemsinc.com
          3. Agent Status (not checked in 5 minutes) -> Alarm, email: support@helixsystemsinc.com
          4. Event Log: System (Helix - Service Failure 7000 Monitor) -> Alarm, email: support@helixsystemsinc.com
        • Monitor Sets
          1. Helix – BASIC – Performance – Memory Usage – Servers ENG -> Alarm, email: support@helixsystemsinc.com
          2. Helix – BASIC – Performance – CPU Total Usage – Servers ENG -> Alarm, email: support@helixsystemsinc.com
          3. Helix – AADMFAMonitors -> Alarm, email: support@helixsystemsinc.com
          4. Helix – BASIC – Services – Windows Servers -> Alarm
          5. Helix – VeeamMonitors -> Alarm
          6. Helix – Low Disk Server : Under 10 GB on C: Drive -> Alarm – Script: Srvr - AP - Full Disk Cleanup – Powershell
          7. Helix – BASIC – Low Disk – Drive C Below 4GB – Servers ENG -> Alarm, email: support@helixsystemsinc.com
      11. Srvr Monitoring (SMTP) (View: Policy - Role - SMTP Servers)
        • Monitor Sets
          1. Helix – Email – SMTP Server Service -> Alarm, email: support@helixsystemsinc.com
      12. Srvr Monitoring (DC) (View: Policy - Role - DC Servers)
        • Alerts
          1. Event Log: System (critical.dc.error.events) -> Alarm, email: support@helixsystemsinc.com
          2. Event Log: Directory Service (zz[SYS] Network Infrastructure - Active Directory Events (E) - APP - {Severity3}) -> Alarm, email: support@helixsystemsinc.com
          3. Event Log: DNS Server (zz[SYS] Network Infrastructure - DNS Server (E) - SYS - {Severity1}) -> Alarm, email: support@helixsystemsinc.com
          4. Event Log: Directory Service (zz[SYS] Network Infrastructure - Active Directory (E) - SYS - {Severity1}) -> Alarm, email: support@helixsystemsinc.com
          5. Event Log: DNS Server (zz[SYS] Network Infrastructure - Active Directory (E) - SYS - {Severity1}) -> Alarm, email: support@helixsystemsinc.com
        • Monitor Sets
          1. Helix – BASIC – Services – MS Domain Controller -> Alarm, email: support@helixsystemsinc.com
          2. Helix – Server – DNS -> Alarm, email: support@helixsystemsinc.com
      13. Srvr Monitoring (TS) (View: Policy - Role - Terminal Servers)
        • Monitor Sets
          1. Helix - BASIC - Performance - Terminal Server ENG -> Alarm, email: support@helixsystemsinc.com
          2. Helix - BASIC - Services - Terminal Server -> Alarm, email: support@helixsystemsinc.com
    • Workstation Monitoring
      1. Mac Wkstn Monitoring (View: Policy - OS - Mac OS X Workstations)
        • Agent Procedures
          1. Mac – Battery Health Info (Every 3 days, Midnight, 1h distribution)
          2. Audit – MacOSX MDM (Every Mon, 4pm, 1h distribution) (Deleted Temporarily)
      2. Win Wkstn Monitoring (View: Policy - OS - Windows Workstations)
        • Monitor Sets
          1. Helix – Low Disk : Under 5GB on C: Drive -> Alarm, Script: Workst -AP- FullDiskCleanup -Powershell-Nikita-working
  • Patching
    • Win Srvr Patching Policies
      1. Win Srvr (Veeam) Updates (View: Veeam Backup Servers)
        • Patch File Source: Download from Internet
        • Patch Procedure Schedule
          1. Patch Scan: Every Mon, Thur, Midnight, 2h distribution
          2. Automatic Update: Every 3rd Sat, 1:15 am, 1h distribution
        • Patch Reboot Action: Reboot immediately after update
        • Patch Settings
          1. Pre/Post Procedure
            • Before Initial Update: Prompt for Windows Update
            • After Automatic Update: Check Safe Mode
          2. Patch Policy Membership: Servers
        • Patch Windows Automatic Update
          1. Disable Windows Automatic Update
      2. Win Srvr (Hyper-V) Updates (View: Server - Win - HyperV Role)
        • Patch File Source: Download from Internet
        • Patch Procedure Schedule
          1. Patch Scan: Every Mon, Thur, Midnight, 2h distribution
          2. Automatic Update: Every 3rd Sun, 1:15 am, 1h distribution
        • Patch Reboot Action: Reboot immediately after update
        • Patch Settings
          1. Pre/Post Procedure
            • Before Initial Update: Prompt for Windows Update
            • After Automatic Update: Check Safe Mode
          2. Patch Policy Membership: Servers
        • Patch Windows Automatic Update
          1. Disable Windows Automatic Update
      3. Win Srvr (DC) Updates (View: Server - Win – DC)
        • Patch File Source: Download from Internet
        • Patch Procedure Schedule
          1. Patch Scan: Every Mon, Thur, 4:30am, 2h distribution
          2. Automatic Update: Every 4th Sat, 1:30am, 1h distribution
        • Patch Reboot Action: Reboot immediately after update
        • Patch Settings
          1. Pre/Post Procedure
            • Before Initial Update: Prompt for Windows Update
            • After Automatic Update: Check Safe Mode
          2. Patch Policy Membership: Servers
        • Patch Windows Automatic Update
          1. Disable Windows Automatic Update
      4. Win Srvr (Not DC/HV/Veeam) Updates (View: Policy - Role - Server Win - Not DC or Hyper-V or Veeam)
        • Patch File Source: Download from Internet
        • Patch Procedure Schedule
          1. Patch Scan: Every Mon, Thur, 1am, 2h distribution
          2. Automatic Update: Every 4th Sun, 1:15 am, 1h distribution
        • Patch Reboot Action: Reboot immediately after update
        • Patch Settings
          1. Pre/Post Procedure
            • Before Initial Update: Prompt for Windows Update
            • After Automatic Update: Check Safe Mode
          2. Patch Policy Membership: Servers
        • Patch Windows Automatic Update
          1. Disable Windows Automatic Update
    • Win Wkstn Patching Policies
      1. Win Wkstn Updates (View: Policy - OS - Windows Workstations)
        • Patch File Source: Download from Internet
        • Patch Procedure Schedule
          1. Patch Scan: Every Thur, 9pm, 4h distribution
          2. Automatic Update: Every Fri, 11pm, 4h distribution
        • Patch Reboot Action: If user logged in ask to reboot every 60 minutes until reboot occurs. Reboot is user not logged in
        • Patch Settings
          1. Pre/Post Procedure
            • Before Initial Update: Prompt for Windows Update
            • After Automatic Update: Check Safe Mode
          2. Patch Policy Membership: Servers
        • Patch Windows Automatic Update
          1. Disable Windows Automatic Update
  • Veeam Policies
    1. Veeam Backup Servers Policy (View: Policy - Role - Veeam Backup Server)
      • Agent Procedure
        • Collect and Process Backup Server Stats (Every hour)
    2. Veeam Enterprise Manager Servers (View: Policy - Role - Veeam Enterprise Manager Servers)
      • Agent Procedure
        • Collect and Process Backup Server Stats (Every hour)
  • Universal Policies
    1. Mac Universal Baseline (View: Policy - OS - Mac OS X)
      • Agent Menu
        • Enable Agent Icon
        • Company URL: Support Portal (http://helix123.com)
        • Refresh – Agent Initiates a Full Check-in with KServer
      • Audit Schedule
        • Last Audit (Every Mon, 3pm, 2h distribution)
        • Baseline Audit (Every 6 months, 4pm, 4h distribution)
        • System Audit (Every 3 months, 4pm, 4h distribution)
      • Checkin
        • Primary: K2.helix213.com: 5721
        • Secondary: 209.222.24.92:5721
      • Credentials
        • Local Account: Helix
      • Working Directory
        • /Library/Helix/Agent
    2. Win Universal Baseline (View: Policy - OS – Windows)
      • Agent Menu
        • Enable Agent Icon
        • Company URL: Support Portal (http://helix123.com)
        • Refresh – Agent Initiates a Full Check-in with KServer
      • Audit Schedule
        • Last Audit (Every Mon, 10pm, 4h distribution)
        • Baseline Audit (Every 6 months, 4pm, 4h distribution)
        • System Audit (Every 3 months, 4pm, 4h distribution)
      • Checkin
        • Primary: K2.helix213.com: 5721
        • Secondary: 209.222.24.92:5721
      • Credentials
        • Local Account: RemoteAdmin
      • Working Directory
        • C:/Helix/Agent



Client Specific Policies

 

DTW

  1. DTW-NightlyReboot (View: DTW-NightlyReboot)
    • Agent Procedures
      • Force Reboot (Every day, Midnight, 5min distribution)

    

EOS

  1. EOS-ProcessMonitoring (View: Policy - OS - Windows Servers)
    • Monitor Sets
      • EOS-Services -> Alarm, email: support@helixsystemsinc.com

TCG

  1. Personify Monitors (View: Policy - OS - Windows Servers)
    • Monitor Sets
      • TCG-Services -> Alarm, email: support@helixsystemsinc.com

Caravan

  1. CaravanFaxNightlyRestart (View: Policy - OS - Win 7)
    • Agent Procedures
      • Fax Server Restart (Every day, Midnight, 10min distribution)

    

Ellkay

  1. Custom Service Monitoring (View: Policy - OS - All Servers)
    • Monitor Sets
      • LKServicesMonitor -> Alarm, Email: support@helixsystemsinc.com,networkteam@ellkay.com
  2. Patching - Reboot - Backup 01 (View: Policy - Ellkay - Backup Server 01)
    • Agent Procedures
      • Force Reboot (Every 3rd Saturday, 4am)
  3. Patching - Reboot - Hyper-V 01 (View: Policy - Ellkay - Hyper-V Server 01)
    • Agent Procedures
      • Force Reboot (Every 3rd Sunday, 3:30am)
  4. Patching - Reboot - Hyper-V 02 (View: Policy - Ellkay - Hyper-V Server 02)
    • Agent Procedures
      • Force Reboot (Every 3rd Sunday, 4:30am)
  5. Patching - Reboot - Hyper-V 03 (View: Policy - Ellkay - Hyper-V Server 03)
    • Agent Procedures
      • Force Reboot (Every 3rd Sunday, 5:30am)
  6. Patching - Reboot - Hyper-V 04 (View: Policy - Ellkay - Hyper-V Server 04)
    • Agent Procedures
      • Force Reboot (Every 3rd Sunday, 6:30am)
  7. Patching - Reboot - Hyper-V Servers (View: Policy - Ellkay - Hyper-V Servers)
    • Patch Reboot Action
      • Do not reboot after update

FRMC

  1. FRMC Policy (View: Policy - OS - Windows Workstations)
    • Agent Procedures
      • Force Reboot (Every Sat, 1am, 30min distribution)
      • FRMC-Workspaces Client (Every Friday, 8:30pm, 1h distribution)

    

People Care

  1. PeopleCare Force Reboot (View: Policy - OS - Windows Workstations)
    • Agent Procedures
      • Force Reboot (Every Sat, 3am, 1h distribution)

Lilker

  1. Lilker-Win-Wkstn-Monitoring(View: Policy - OS - Windows Workstations)
    • Agent Procedures
      • OpenDNS - Agent Status (PC) (Every day, 10pm, 1h distribution)
      • Audit - AV Type- AVG/MSE (Every day, 5:30pm, 30min distribution)
      • Audit - Product Keys - Save to Agent (Evert 1st Saturday, Midnight, 1h distribution)
      • UAC Audit (Every day, 7pm, 1h distribution)
    • Monitor Sets
      • Helix - Low Disk: Under 5GB on C: Drive -> Alarm, Script: Lilker - AP - Full Disk Cleanup - Powershell

ABI

  1. ABI Box Auto Update (View: Policy - OS - Windows Workstations)
    • Agent Procedures
      • BoxSync4 Install/Update (Every Sat, 11pm, 1h distribution)

    

BMG

  1. BMG Policy (View: Policy - OS - Windows Server 2008)
    • Monitor Sets
      • BMG-SagePervasiveSQL -> Script: BMG-SagePervasiveSQL Restart

EGPS

  1. EGPS RDS Reboot Schedule (View: Policy - Role - Terminal Servers)
    • Agent Procedures
      • Force Reboot (Every Sun, 4am, 10min distribution)
  2. EGPS-PS/PR Version Policy (View: Policy - OS - Windows Workstations x86)
    • Agent Procedures
      • Pension Reporter / Version (Every day, 5am, 5min distribution)

Schweiger Policies

  1. Win Wkstn Policy - SD (View: Policy - OS - Windows Workstations)
    • Agent Procedures
      • Force Reboot (Every Other Sat, 00:30am, 30min distribution)
    • Patch Procedure Schedule
      1. Patch Scan: Every day, 8pm, 2h distribution
      2. Automatic Update: Every Other Sat, 1:45am, 2h distribution
    • Patch Reboot Action: Reboot immediately after update
    • Patch Settings
      • Patch Policy Membership: Workstations
    • Patch Windows Automatic Update
      • Disable Windows Automatic Update




Non-Managed Policies

 

Non-Managed Policies

  1. Audit - Procedures (View: Policy - OS - Windows
    • Agent Procedures
      • Audit - Product Keys - Save to Agent - new (Every Thur, 11am, 4h distribution)
      • BitLocker Status & Key Retrieval - UPDATE_SYSINFO (Every Wed, 10am, 4h distribution)
      • Audit - Monitors (Every Wed, 10am, 4h distribution)
      • Audit - Windows Activation Status (Every Wed, 11am, 4h distribution)
      • Audit - Check SMB1 Status (Every Mon, Thur, 4pm, 4h distribution)
      • Audit - Check UEFI Status (Every Mon, Thur, 8am, 4h distribution)
      • Audit - Firewall (Domain, Private, and Public) (Every Mon, Thur, 4pm, 4h distribution)
      • Audit - Check USB Mass Storage Status (Every Mon, Thur, 10am, 4h distribution)
  2. Audit - Systems (View: Policy - Agent - All Agents Checked In)
    • Audit Schedule
      • Last Audit (Every day, 3am, 4h distribution)
      • Baseline Audit (Every 6 months, 1pm, 4h distribution)
      • System Audit (Every 3 months, 11am, 4h distribution)
  3. Patching 
    • Patch Procedure Schedule
      • Patch Scan: Every Thur, 8pm, 4h distribution